Syrian Dissidents Find Spyware on Their PCs, Reportedly from Government

During the cyber-wars in Syria, supporters of the regime reportedly installed computer viruses on opposition activists' systems to monitor their activities, says an IT expert who belongs to one of the country's opposition groups and is also a former global aid worker, after finding an infection on his own PC. CNN reported this on February 17, 2012.

The reports also reveal that, according to software engineer Dlshad Othman, who joined the opposition activists in Syria to help them secure their IT operations, two distinct malicious programs have been found following the hijacking of many activists' PCs.

After examining the simpler one, Symantec researchers concluded that it intercepted and stole data from dissidents' PCs, and that the data was subsequently sent to a server at the Syrian government-owned telecommunications firm, Syrian Telecommunications Establishment.

Vikram Thakur, Principal Security Response Manager at Symantec Corporation, the company well known for its Norton antivirus program, said that of the two malicious programs, the first was associated with December 6, 2011, and the second with January 16, 2012. The manager named the second virus "backdoor.breut." CNN published this.

The first piece of malware, which is rather complex, is able to conceal itself. Susan, a former aid worker who visits Syria frequently and has many associates among the opposition activists, reported receiving it during a Skype chat following the situation discussed above.

Initially, when Susan clicked the file, nothing happened. She assumed the file was corrupt and ignored it entirely. However, after 48 hours or so she realized that her e-mail and Facebook accounts had been compromised.

When she asked Othman and his colleague for help, they discovered that her PC had the Trojan, which had recorded keystrokes, captured screenshots and harvested other information from the system. It then transmitted everything it had collected to a remote server that had an obfuscated IP address.

Backdoor.breut, which Othman received by e-mail from a Syrian activist for examination, installed itself in the same way, that is, with no visible action after it was downloaded or clicked. Nevertheless, Othman managed to remove the more complicated virus from Susan's PC.